Android VPN Redirect Threat from KitKat 4.4 Vulnerability

Security researchers at Ben Gurion University in Israel who previously disclosed a vulnerability in Android Jelly Bean 4.3 that would allow an attacker to bypass VPN configurations to intercept data have identified a vulnerability in KitKat 4.4 that would allow attackers to redirect VPN traffic to a third-party server.

“At first we could not reproduce it with the original vulnerability code since KitKat has a modified security implementation. Following an elaborate investigation we were able to reproduce the same vulnerability where a malicious app can bypass active VPN configuration (no ROOT permissions required) and redirect secure data communications to a different network address,” the researchers stated.

“These communications are captured in CLEAR TEXT (no encryption), leaving the information completely exposed. This redirection can take place while leaving the user completely oblivious, believing the data is encrypted and secure,” the team reported.

The team put together the following video to demonstrate the vulnerability in action:

The researchers notified Google’s Android security team and provided details of the vulnerability and exploit, and have been posting updates as they become available.

“Following the original report Samsung and Google collaborated on a response where they denied that our findings demonstrate a bug or a flaw in Android or Samsung KNOX. A few days ago we have published our position here,” the researchers said.

This is why i prefer stock android version that comes with Nexus. Even if there is an issue it is fixed quickly with update. If you have to wait for OEM manufacturers to provide update you will more often than not end up short sleeved.

Andy

Thanks

Gigi

Yes, good findings at all. I think researchers have done superb work to find out this problem and already they have got some sort of solution out there and hope that this problem will remove by using this system as well. So thanks for this good work and best of luck for the next project.

Lorraine Walsh

getting your hands on a genuine and authentic vpn provider is the key. I myself have been using purevpn for quite sometime and found it to be thoroughly helpful with no such issues.